106.12.215.244

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	(sshd) Failed SSH login from 106.12.215.244 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 18 03:59:50 cvps sshd[22951]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.215.244 user=root Sep 18 03:59:51 cvps sshd[22951]: Failed password for root from 106.12.215.244 port 42578 ssh2 Sep 18 04:07:05 cvps sshd[25463]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.215.244 user=root Sep 18 04:07:06 cvps sshd[25463]: Failed password for root from 106.12.215.244 port 42618 ssh2 Sep 18 04:11:54 cvps sshd[27197]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.215.244 user=root	2020-09-19 02:50:51
attackspambots	(sshd) Failed SSH login from 106.12.215.244 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 18 03:59:50 cvps sshd[22951]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.215.244 user=root Sep 18 03:59:51 cvps sshd[22951]: Failed password for root from 106.12.215.244 port 42578 ssh2 Sep 18 04:07:05 cvps sshd[25463]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.215.244 user=root Sep 18 04:07:06 cvps sshd[25463]: Failed password for root from 106.12.215.244 port 42618 ssh2 Sep 18 04:11:54 cvps sshd[27197]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.215.244 user=root	2020-09-18 18:52:36
attackspam	Aug 26 15:26:47 pve1 sshd[12145]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.215.244 Aug 26 15:26:49 pve1 sshd[12145]: Failed password for invalid user riley from 106.12.215.244 port 37958 ssh2 ...	2020-08-26 23:13:25
attackbots	Aug 11 06:14:40 cho sshd[425886]: Invalid user universe from 106.12.215.244 port 60168 Aug 11 06:14:40 cho sshd[425886]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.215.244 Aug 11 06:14:40 cho sshd[425886]: Invalid user universe from 106.12.215.244 port 60168 Aug 11 06:14:42 cho sshd[425886]: Failed password for invalid user universe from 106.12.215.244 port 60168 ssh2 Aug 11 06:19:00 cho sshd[426112]: Invalid user roots from 106.12.215.244 port 60290 ...	2020-08-11 12:33:15
attackbotsspam	SSH Brute-force	2020-08-10 01:54:37
attack	Jun 21 15:31:00 lnxmail61 sshd[3251]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.215.244	2020-06-22 03:40:58
attack	Jun 7 20:22:34 localhost sshd\[20545\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.215.244 user=root Jun 7 20:22:37 localhost sshd\[20545\]: Failed password for root from 106.12.215.244 port 49416 ssh2 Jun 7 20:24:16 localhost sshd\[20609\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.215.244 user=root Jun 7 20:24:17 localhost sshd\[20609\]: Failed password for root from 106.12.215.244 port 45522 ssh2 Jun 7 20:26:00 localhost sshd\[20856\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.215.244 user=root ...	2020-06-08 02:26:07
attack	SSH Brute-Force attacks	2020-05-24 13:29:35
attack	2020-05-04T21:45:11.246139vps773228.ovh.net sshd[2122]: Invalid user leah from 106.12.215.244 port 53506 2020-05-04T21:45:13.551888vps773228.ovh.net sshd[2122]: Failed password for invalid user leah from 106.12.215.244 port 53506 ssh2 2020-05-04T21:49:18.780786vps773228.ovh.net sshd[2142]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.215.244 user=root 2020-05-04T21:49:20.320300vps773228.ovh.net sshd[2142]: Failed password for root from 106.12.215.244 port 55564 ssh2 2020-05-04T21:53:14.438099vps773228.ovh.net sshd[2218]: Invalid user boning from 106.12.215.244 port 57626 ...	2020-05-05 04:00:03
attackspambots	Apr 24 16:12:44 santamaria sshd\[24130\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.215.244 user=root Apr 24 16:12:46 santamaria sshd\[24130\]: Failed password for root from 106.12.215.244 port 50752 ssh2 Apr 24 16:16:33 santamaria sshd\[24163\]: Invalid user uq from 106.12.215.244 Apr 24 16:16:33 santamaria sshd\[24163\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.215.244 ...	2020-04-25 00:06:50
attackbotsspam	Apr 22 05:43:18 santamaria sshd\[4858\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.215.244 user=root Apr 22 05:43:20 santamaria sshd\[4858\]: Failed password for root from 106.12.215.244 port 40332 ssh2 Apr 22 05:48:35 santamaria sshd\[4977\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.215.244 user=root ...	2020-04-22 18:40:36
attackbotsspam	Apr 20 22:08:33 mail sshd[17103]: Failed password for root from 106.12.215.244 port 55752 ssh2 Apr 20 22:12:52 mail sshd[17865]: Failed password for root from 106.12.215.244 port 54946 ssh2	2020-04-21 05:44:56
attackbotsspam	Apr 8 05:52:12 ns382633 sshd\[25706\]: Invalid user contact from 106.12.215.244 port 57646 Apr 8 05:52:12 ns382633 sshd\[25706\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.215.244 Apr 8 05:52:13 ns382633 sshd\[25706\]: Failed password for invalid user contact from 106.12.215.244 port 57646 ssh2 Apr 8 06:00:22 ns382633 sshd\[27668\]: Invalid user test from 106.12.215.244 port 57804 Apr 8 06:00:22 ns382633 sshd\[27668\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.215.244	2020-04-08 12:03:20
attack	Mar 31 01:37:31 new sshd[19034]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.215.244 user=r.r Mar 31 01:37:34 new sshd[19034]: Failed password for r.r from 106.12.215.244 port 49238 ssh2 Mar 31 01:37:34 new sshd[19034]: Received disconnect from 106.12.215.244: 11: Bye Bye [preauth] Mar 31 01:45:19 new sshd[21614]: Failed password for invalid user lishanbin from 106.12.215.244 port 44466 ssh2 Mar 31 01:45:19 new sshd[21614]: Received disconnect from 106.12.215.244: 11: Bye Bye [preauth] Mar 31 01:47:17 new sshd[22085]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.215.244 user=r.r Mar 31 01:47:19 new sshd[22085]: Failed password for r.r from 106.12.215.244 port 39868 ssh2 Mar 31 01:47:19 new sshd[22085]: Received disconnect from 106.12.215.244: 11: Bye Bye [preauth] Mar 31 01:49:13 new sshd[22556]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ss........ -------------------------------	2020-03-31 18:36:50

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.215.238	attackbots	Oct 11 15:22:09 Tower sshd[22634]: Connection from 106.12.215.238 port 59798 on 192.168.10.220 port 22 rdomain "" Oct 11 15:22:11 Tower sshd[22634]: Invalid user brad from 106.12.215.238 port 59798 Oct 11 15:22:11 Tower sshd[22634]: error: Could not get shadow information for NOUSER Oct 11 15:22:11 Tower sshd[22634]: Failed password for invalid user brad from 106.12.215.238 port 59798 ssh2 Oct 11 15:22:11 Tower sshd[22634]: Received disconnect from 106.12.215.238 port 59798:11: Bye Bye [preauth] Oct 11 15:22:11 Tower sshd[22634]: Disconnected from invalid user brad 106.12.215.238 port 59798 [preauth]	2020-10-12 05:27:29
106.12.215.238	attackspam	Oct 11 06:54:02 staging sshd[298025]: Invalid user edgar from 106.12.215.238 port 35298 Oct 11 06:54:02 staging sshd[298025]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.215.238 Oct 11 06:54:02 staging sshd[298025]: Invalid user edgar from 106.12.215.238 port 35298 Oct 11 06:54:04 staging sshd[298025]: Failed password for invalid user edgar from 106.12.215.238 port 35298 ssh2 ...	2020-10-11 21:33:39
106.12.215.238	attack	Oct 11 04:46:16 staging sshd[296353]: Invalid user prueba1 from 106.12.215.238 port 34512 Oct 11 04:46:16 staging sshd[296353]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.215.238 Oct 11 04:46:16 staging sshd[296353]: Invalid user prueba1 from 106.12.215.238 port 34512 Oct 11 04:46:18 staging sshd[296353]: Failed password for invalid user prueba1 from 106.12.215.238 port 34512 ssh2 ...	2020-10-11 13:30:25
106.12.215.238	attackspam	2020-10-10T22:44:52.331754cyberdyne sshd[183259]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.215.238 2020-10-10T22:44:52.325641cyberdyne sshd[183259]: Invalid user toor from 106.12.215.238 port 36514 2020-10-10T22:44:54.788493cyberdyne sshd[183259]: Failed password for invalid user toor from 106.12.215.238 port 36514 ssh2 2020-10-10T22:48:51.026708cyberdyne sshd[184096]: Invalid user web76p3 from 106.12.215.238 port 38266 ...	2020-10-11 06:54:19
106.12.215.238	attackspam	Oct 1 17:35:11 haigwepa sshd[32522]: Failed password for root from 106.12.215.238 port 38676 ssh2 ...	2020-10-02 04:25:38
106.12.215.238	attackspambots	Invalid user admin from 106.12.215.238 port 59652	2020-10-01 20:40:40
106.12.215.238	attack	Invalid user gtg from 106.12.215.238 port 42866	2020-09-03 22:47:13
106.12.215.238	attackbotsspam	Invalid user gtg from 106.12.215.238 port 42866	2020-09-03 14:23:38
106.12.215.238	attackspam	Connection to SSH Honeypot - Detected by HoneypotDB	2020-09-03 06:35:56
106.12.215.238	attack	Aug 30 22:33:22 sso sshd[25887]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.215.238 Aug 30 22:33:24 sso sshd[25887]: Failed password for invalid user linaro from 106.12.215.238 port 53774 ssh2 ...	2020-08-31 08:05:11
106.12.215.118	attack	2020-08-24T06:07:07.988777vps1033 sshd[11950]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.215.118 2020-08-24T06:07:07.983818vps1033 sshd[11950]: Invalid user pych from 106.12.215.118 port 39566 2020-08-24T06:07:09.673177vps1033 sshd[11950]: Failed password for invalid user pych from 106.12.215.118 port 39566 ssh2 2020-08-24T06:08:33.732263vps1033 sshd[14923]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.215.118 user=root 2020-08-24T06:08:35.558344vps1033 sshd[14923]: Failed password for root from 106.12.215.118 port 56648 ssh2 ...	2020-08-24 16:58:32
106.12.215.118	attackbots	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-08-06T15:55:32Z and 2020-08-06T16:03:37Z	2020-08-07 00:09:29
106.12.215.118	attack	Aug 4 00:14:14 ny01 sshd[12019]: Failed password for root from 106.12.215.118 port 38726 ssh2 Aug 4 00:18:30 ny01 sshd[12560]: Failed password for root from 106.12.215.118 port 42284 ssh2	2020-08-04 15:56:17
106.12.215.238	attackbots	Aug 1 07:41:51 localhost sshd\[20140\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.215.238 user=root Aug 1 07:41:53 localhost sshd\[20140\]: Failed password for root from 106.12.215.238 port 40644 ssh2 Aug 1 07:49:41 localhost sshd\[20267\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.215.238 user=root ...	2020-08-01 17:33:23
106.12.215.238	attackspam	bruteforce detected	2020-07-25 17:55:41

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.215.244
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 43167
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.215.244.			IN	A

;; AUTHORITY SECTION:
.			286	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020033100 1800 900 604800 86400

;; Query time: 113 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Mar 31 18:36:42 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 244.215.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		100.100.2.138
Address:	100.100.2.138#53

** server can't find 244.215.12.106.in-addr.arpa.: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
49.68.223.52	attack	spam	2020-06-23 23:15:57
70.71.148.228	attackbots	2020-06-23T12:06:26.139953server.espacesoutien.com sshd[22249]: Invalid user password from 70.71.148.228 port 57000 2020-06-23T12:06:26.154223server.espacesoutien.com sshd[22249]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=70.71.148.228 2020-06-23T12:06:26.139953server.espacesoutien.com sshd[22249]: Invalid user password from 70.71.148.228 port 57000 2020-06-23T12:06:27.840366server.espacesoutien.com sshd[22249]: Failed password for invalid user password from 70.71.148.228 port 57000 ssh2 ...	2020-06-23 23:01:22
161.35.99.173	attackspam	Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-06-23 22:55:02
182.61.187.193	attackbots	Jun 23 16:21:03 piServer sshd[18248]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.187.193 Jun 23 16:21:05 piServer sshd[18248]: Failed password for invalid user lux from 182.61.187.193 port 54646 ssh2 Jun 23 16:25:34 piServer sshd[18631]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.187.193 ...	2020-06-23 22:51:14
182.76.80.70	attackbotsspam	Jun 23 12:06:17 *** sshd[24972]: Invalid user tsserver from 182.76.80.70	2020-06-23 23:06:44
183.109.79.253	attackbots	Jun 23 19:28:51 gw1 sshd[19389]: Failed password for ubuntu from 183.109.79.253 port 62144 ssh2 ...	2020-06-23 23:09:55
103.63.108.25	attackspambots	Jun 23 15:53:30 h2779839 sshd[11487]: Invalid user boom from 103.63.108.25 port 46258 Jun 23 15:53:30 h2779839 sshd[11487]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.63.108.25 Jun 23 15:53:30 h2779839 sshd[11487]: Invalid user boom from 103.63.108.25 port 46258 Jun 23 15:53:33 h2779839 sshd[11487]: Failed password for invalid user boom from 103.63.108.25 port 46258 ssh2 Jun 23 15:57:25 h2779839 sshd[11658]: Invalid user skg from 103.63.108.25 port 46074 Jun 23 15:57:25 h2779839 sshd[11658]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.63.108.25 Jun 23 15:57:25 h2779839 sshd[11658]: Invalid user skg from 103.63.108.25 port 46074 Jun 23 15:57:27 h2779839 sshd[11658]: Failed password for invalid user skg from 103.63.108.25 port 46074 ssh2 Jun 23 16:01:17 h2779839 sshd[11699]: Invalid user delilah from 103.63.108.25 port 45890 ...	2020-06-23 22:57:16
218.92.0.200	attackspambots	2020-06-23T15:19:08.441627mail.csmailer.org sshd[27676]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.200 user=root 2020-06-23T15:19:10.723304mail.csmailer.org sshd[27676]: Failed password for root from 218.92.0.200 port 31381 ssh2 2020-06-23T15:19:08.441627mail.csmailer.org sshd[27676]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.200 user=root 2020-06-23T15:19:10.723304mail.csmailer.org sshd[27676]: Failed password for root from 218.92.0.200 port 31381 ssh2 2020-06-23T15:19:12.853928mail.csmailer.org sshd[27676]: Failed password for root from 218.92.0.200 port 31381 ssh2 ...	2020-06-23 23:22:50
89.252.181.114	attackspambots	Automatic report - Banned IP Access	2020-06-23 23:00:27
218.22.36.135	attack	$f2bV_matches	2020-06-23 22:43:01
106.13.233.186	attack	Jun 23 14:32:20 piServer sshd[9678]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.233.186 Jun 23 14:32:22 piServer sshd[9678]: Failed password for invalid user edward from 106.13.233.186 port 45466 ssh2 Jun 23 14:36:03 piServer sshd[9948]: Failed password for root from 106.13.233.186 port 33807 ssh2 ...	2020-06-23 22:43:53
188.128.63.130	attack	Icarus honeypot on github	2020-06-23 22:58:41
106.51.85.16	attackspam	Jun 23 13:18:15 gestao sshd[30313]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.51.85.16 Jun 23 13:18:16 gestao sshd[30313]: Failed password for invalid user ftptest from 106.51.85.16 port 38424 ssh2 Jun 23 13:22:09 gestao sshd[30376]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.51.85.16 ...	2020-06-23 22:45:08
41.37.7.80	attack	Lines containing failures of 41.37.7.80 Jun 23 14:14:41 shared04 sshd[31677]: Invalid user admin from 41.37.7.80 port 62077 Jun 23 14:14:41 shared04 sshd[31677]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.37.7.80 Jun 23 14:14:43 shared04 sshd[31677]: Failed password for invalid user admin from 41.37.7.80 port 62077 ssh2 Jun 23 14:14:43 shared04 sshd[31677]: Connection closed by invalid user admin 41.37.7.80 port 62077 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=41.37.7.80	2020-06-23 23:17:18
125.119.35.63	attack	Lines containing failures of 125.119.35.63 Jun 23 07:40:52 neweola postfix/smtpd[3433]: connect from unknown[125.119.35.63] Jun 23 07:40:54 neweola postfix/smtpd[3433]: NOQUEUE: reject: RCPT from unknown[125.119.35.63]: 504 5.5.2 : Helo command rejected: need fully-qualified hostname; from=x@x helo= Jun 23 07:40:54 neweola postfix/smtpd[3433]: disconnect from unknown[125.119.35.63] ehlo=1 mail=1 rcpt=0/1 quhostname=1 commands=3/4 Jun 23 07:40:54 neweola postfix/smtpd[3433]: connect from unknown[125.119.35.63] Jun 23 07:40:56 neweola postfix/smtpd[3433]: lost connection after AUTH from unknown[125.119.35.63] Jun 23 07:40:56 neweola postfix/smtpd[3433]: disconnect from unknown[125.119.35.63] ehlo=1 auth=0/1 commands=1/2 Jun 23 07:40:56 neweola postfix/smtpd[3433]: connect from unknown[125.119.35.63] Jun 23 07:40:57 neweola postfix/smtpd[3433]: lost connection after AUTH from unknown[125.119.35.63] Jun 23 07:40:57 neweola postfix/smtpd[3433]: disconnect from unk........ ------------------------------	2020-06-23 23:23:48

最近上报的IP列表

52.142.28.240	52.166.68.207	112.72.94.160	83.211.37.122
94.168.80.13	151.80.66.18	113.183.192.111	27.54.51.69
202.184.32.35	116.98.120.15	106.13.181.89	1.32.238.18
186.93.102.210	51.77.6.128	61.52.96.201	178.62.207.124
74.126.187.242	198.252.104.218	241.117.89.33	105.217.157.83